ncio 1.1.0 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d3a023e01e8f30ad099628a652e23d8432a96e29
-  data.tar.gz: 26a22f56c26aa09821e7cc5af6b11ee92f2e9748
+  metadata.gz: 6a2052b10003c3a63395281ac33811900acf2f9a
+  data.tar.gz: 63c12430435b5780d06deb55ccedf58c8d0a8c44
 SHA512:
-  metadata.gz: fbd161b5b74263feccfe972c9f0be4b1a12bd5e5e650d3e80a683177cd25615d9510974843c58689494442961ae712e09840f30a300336047d0017a1423d9bc5
-  data.tar.gz: 219f253cf24cbc5038160884ef0f55eecff340e3a30c92c9690b758b2e9d0885a23639108b7b76376f1f7c72d8f6d0fbf47ee0005e01b362611fada80928249c
+  metadata.gz: 9c1f4d189022e00370658084a5b8f818d6d36e0fa4e8b7a597559d41e3d8ef17403f7c7925ab8b04c2cbc0daaf07f07da7526d372cbfc28974b97fe5ed101ec1
+  data.tar.gz: 20691eaf4dc7c983536a69ab4aaef28994be31e12f86cad8ecde2916c9381da1843fe8cadc92ee96d8aa6441d9d37a7966bfff885863c62960ac2e4b98068a1b

data/CHANGELOG.md

@@ -1,3 +1,9 @@
+Version 1.2.0
+===
+
+ * PE 2016.4.2 Compatibility thanks to Geoff Williams [Issue
+   8](https://github.com/jeffmccune/ncio/issues/8)
+
 Version 1.1.0
 ===
 

data/README.md

@@ -64,10 +64,11 @@ Install this tool on the same node running the node classification service:
 
 ## Usage
 
-If the file `/etc/puppetlabs/puppet/ssl/certs/pe-internal-orchestrator.pem`
-exists on the same node as the Node Classifier, then no configuration is
-necessary.  The default options will work to backup and restore node
-classification data.
+Ncio will attempt to use the host certificate from
+`/etc/puppetlabs/puppet/ssl/certs/$FQDN.pem` if it exists on the same node as
+the Node Classifier.  If this certificate has sufficient access then no
+configuration is necessary.  The default options will work to backup and restore
+node classification data.
 
     sudo -H -u pe-puppet /opt/puppetlabs/puppet/bin/ncio backup > /var/tmp/backup.json
     I, [2016-06-28T19:25:55.507684 #2992]  INFO -- : Backup completed successfully!

data/lib/ncio/http_client.rb

@@ -27,8 +27,8 @@ module Ncio
       host: Socket.gethostname,
       port: 4433,
       use_ssl: true,
-      cert: ssldir + '/certs/pe-internal-orchestrator.pem',
-      key: ssldir + '/private_keys/pe-internal-orchestrator.pem',
+      cert: "#{ssldir}/certs/#{Socket.gethostname}.pem",
+      key: "#{ssldir}/private_keys/#{Socket.gethostname}.pem",
       cacert: ssldir + '/certs/ca.pem'
     }.freeze
 
@@ -44,11 +44,11 @@ module Ncio
     #
     # @option opts [String] :cert The path to the PEM encoded client
     #   certificate.  Defaults to
-    #   `"/etc/puppetlabs/puppet/ssl/certs/pe-internal-orchestrator.pem"`
+    #   `"/etc/puppetlabs/puppet/ssl/certs/$FQDN.pem"`
     #
     # @option opts [String] :key The path to the PEM encoded RSA private key
     #   used for the SSL client connection.  Defaults to
-    #   `"/etc/puppetlabs/puppet/ssl/private_keys/pe-internal-orchestrator.pem"`
+    #   `"/etc/puppetlabs/puppet/ssl/private_keys/$FQDN.pem"`
     #
     # @option opts [String] :cacert The path to the PEM encoded CA certificate
     #   used to authenticate the service URL.  Defaults to

data/lib/ncio/support/option_parsing.rb

@@ -59,6 +59,8 @@ module Ncio
       def parse_global_options!(argv, env)
         semver = Ncio::VERSION
         host = Socket.gethostname
+        cert_default = self.cert_default
+        key_default  = self.key_default
         Ncio::Trollop.options(argv) do
           stop_on_unknown
           version "ncio #{semver} (c) 2016 Jeff McCune"
@@ -66,8 +68,8 @@ module Ncio
           uri_dfl = env['NCIO_URI'] || "https://#{host}:4433/classifier-api/v1"
           opt :uri, 'Node Classifier service uri '\
             '{NCIO_URI}', default: uri_dfl
-          opt :cert, CERT_MSG, default: env['NCIO_CERT'] || CERT_DEFAULT
-          opt :key, KEY_MSG, default: env['NCIO_KEY'] || KEY_DEFAULT
+          opt :cert, CERT_MSG, default: env['NCIO_CERT'] || cert_default
+          opt :key, KEY_MSG, default: env['NCIO_KEY'] || key_default
           opt :cacert, CACERT_MSG, default: env['NCIO_CACERT'] || CACERT_DEFAULT
           log_msg = 'Log file to write to or keywords '\
             'STDOUT, STDERR {NCIO_LOGTO}'
@@ -167,6 +169,22 @@ module Ncio
         end
       end
 
+      def self.pem_exists?(name)
+        File.exist?(SSLDIR + "/certs/#{name}.pem")
+      end
+
+      def certname
+        NAMES.find { |n| Ncio::Support::OptionParsing.pem_exists?(n) } || NAMES.last
+      end
+
+      def cert_default
+        SSLDIR + "/certs/#{certname}.pem"
+      end
+
+      def key_default
+        SSLDIR + "/private_keys/#{certname}.pem"
+      end
+
       BANNER = <<-'EOBANNER'.freeze
 usage: ncio [GLOBAL OPTIONS] SUBCOMMAND [ARGS]
 Sub Commands:
@@ -190,15 +208,15 @@ Transformation:
 Global options: (Note, command line arguments supersede ENV vars in {}'s)
       EOBANNER
 
+      # Names used to look for the default client certificate
+      NAMES = ['pe-internal-orchestrator', Socket.gethostname.downcase]
+
       SSLDIR = '/etc/puppetlabs/puppet/ssl'.freeze
+
       CERT_MSG = 'White listed client SSL cert {NCIO_CERT} '\
         'See: https://goo.gl/zCjncC'.freeze
-      CERT_DEFAULT = (SSLDIR + '/certs/'\
-                      'pe-internal-orchestrator.pem').freeze
       KEY_MSG = 'Client RSA key, must match certificate '\
         '{NCIO_KEY}'.freeze
-      KEY_DEFAULT = (SSLDIR + '/private_keys/'\
-                     'pe-internal-orchestrator.pem').freeze
       CACERT_MSG = 'CA Cert to authenticate the service uri '\
         '{NCIO_CACERT}'.freeze
       CACERT_DEFAULT = (SSLDIR + '/certs/ca.pem').freeze

data/lib/ncio/version.rb

@@ -1,3 +1,3 @@
 module Ncio
-  VERSION = '1.1.0'.freeze
+  VERSION = '1.2.0'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ncio
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.2.0
 platform: ruby
 authors:
 - Jeff McCune
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2016-08-10 00:00:00.000000000 Z
+date: 2016-11-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler